Everything posted by Marcos
-
It would not be possible to temporarily suspend processes as it takes minutes to get results from replicators. With submission of files disabled, it can happen that malware will be detected only in memory after execution by AMS, but since no actual files will be submitted to ESET, we won't be able to add regular detection applicable by all scanners. Normally that should not happen, as someone else would encounter and submit the new malware, but in case of a targeted attack we would not get the malware.
-
Older versions didn't check if LiveGrid works or not. During install, you can choose whether you want to submit suspicious files and statistics to ESET. It's not possible to disable LiveGrid during install. It's one of the main protection features that enables ESET to quickly respond to new malware and provide users with maximum protection. Disabling LiveGrid completely (i.e. checking hashes against LiveGrid servers) will substantially deteriorate protection and cleaning capabilities.
-
Who paused protection in EFS 6.5?
Marcos replied to deszynda's topic in ESET Products for Windows Servers
Pausing protection is only possible locally by a user with administrator rights or from ERA by sending a special Run command task. If settings are protected with a password, the user must enter a correct password.
-
If generating a Procmon log is not an option, please try to configure Windows to generate complete memory dumps and trigger a crash to generate one as per the instructions at https://support.eset.com/kb380/. It will help us determine if ESET is somehow involved in the issue or not.
-
Are you able to open https://edf.eset.com/edf in a browser using the same proxy settings as set in the ESET setup? I.e. if you don't use a proxy, it must not be set in the ESET setup either. If that works, I'd suggest contacting your local customer care, which will provide you with a tool for diagnosing activation issues.
-
Bad result? I don't see any bad results there but there's definitely an issue with the methodology. As for the URLs, it appears there were no malicious ones that were not blocked by ESET, but those not blocked were mainly fresh phishing from today which was not blocked at that time by any AV. As for the on-demand scan "test", I "like" tests where one puts all mess (benign files, apps with Chinese GUI, PUAs, etc.) into a folder, then scans the files and presents undetected files as misses. AVs that detect such files have FPs and should be penalized for that, but in these "tests" they get good points for detecting FPs. A credible tester should know what he or she has in the test set, should be able to distinguish malware from PUAs, greyware and other benign applications and remove such from the test set. Including non-malicious files usually substantially skews the final results. Also note that on-demand scans do not reflect the real-world scenario. In the real world, malware is usually downloaded by malicious scripts on compromised websites or spread by spammed email. Running just an on-demand scan cannot test other protection layers that might have prevented the malware from being downloaded and executed.